Information Security Cyber Assurance Specialist - £660 per day - Inside IR35 - Hybrid working, 2 days a week on site near Slough - 6 months initial contract.
Our client, a global supplier to the nuclear energy industry, is seeking a highly skilled Information Security Cyber Assurance Specialist to join their team. This critical role is responsible for ensuring the security and resilience of their information systems, aligning with industry standards and regulatory requirements. You will provide assurance that their IT and OT environments are secure and compliant, supporting the delivery of business objectives while managing risk.
Key Responsibilities
Develop, implement, and maintain information security assurance programs.
Ensure compliance with regulatory requirements and standards (e.g., ISO 27000, NIST SP 800 series, CSF).
Conduct risk assessments and vulnerability management activities.
Maintain robust security controls across enterprise assets, software, networks, and applications.
Support incident response and recovery processes, including penetration testing and audit log management.
Deliver training and awareness programs to enhance the organization's security posture.
Collaborate with internal and external stakeholders to maintain compliance and manage third-party risks.
Provide expert advice on secure configurations, malware defenses, and network monitoring strategies.
Qualifications & Experience
Mandatory:
At least 5 years' experience in information security assurance roles.
Proven experience with information security management frameworks and regulatory compliance (e.g., ISO 27000, NIST).
Strong understanding of security controls across data, networks, applications, devices, and users.
Desirable:
Familiarity with regulations in the Nuclear industry across operational geographies (US, UK, Netherlands, Germany).
Knowledge of government information classification standards.
Education & Certifications
Bachelor's or Master's degree in Computer Science, Information Security, or a related field, or equivalent industry experience.
Relevant certifications, including but not limited to:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Ethical Hacker (CEH)
CompTIA Security+
Systems Security Certified Practitioner (SSCP)
Technical Skills:
Comprehensive knowledge of security controls, including:
Data Protection, Account Management, and Access Control Management.
Continuous Vulnerability Management and Incident Response.
Penetration Testing and Security Awareness Training.